[Free] Get all latest Microsoft 70-642 Actual Tests 351-360

Your company has a single Active Directory domain. All servers run Windows Server 2008. The company network has servers that perform as Web Servers. All confidential files are located on a server named FSS1. The company security policy states that all confidential data must be transmitted in the most secure manner. When you monitor the network you notice that the confidential files stored on FSS1 server are being transmitted over the network without encryption. You need to ensure that encryption is always used when the confidential files on the FSS1 server are transmitted over the network. What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)

A.Deactivate all LM and NTLM authentication methods on FSS1 server

B.Use IIS to publish the confidential files, activate SSL on the IIS server, and then open the files as a web folder

C.Use IPsec encryption between the FSS1 server and the computers of the users who need to access the confidential files.

D.Use the Server Message Block (SMB) signing between the FSS1 server and the computers of the users who want to access the confidential files.

E.Activate offline files for the confidential files that are stored on the FSS1 server. In the Folder Advanced Properties box, select the Encrypt contents to secure data option

Correct Answer: BC

QUESTION 352

Your company has an Active Directory domain. Aserver named Server1 runs the Network Access Policy server role. You need to disable IPv6 for all connections except for the tunnel interface and the IPv6

Loopback interface. What should you do?

A.Run the netsh ras ipv6 set command

B.Run the netsh interface ipv6 delete command

C.Run ipv6.exe and remove the IPv6 Protocol

D.From the Local Area Connection Properties, uncheck Internet Protocol Version 6 (TCP/IPv6)

Correct Answer: D

QUESTION 353

Your company has a single Active Directory domain. The domain runs at the functional level of Windows Server 2003. You install the DHCP service on a server named DHCP1. You attempt to start the DHCP service, but it does not start. You need to ensure that the DHCP service starts. What should you do?

A.Restart DHCP1

B.Configure a scope on DHCP1

C.Activate the scope on DHCP1

D.Authorize DHCP1 in the Active Directory domain

Correct Answer: D

QUESTION 354

Your company has Active Directory Certificate Services (AD CS) and Network Access Protection (NAP) deployed on the network. You need to configure the wireless network to accept smart cards. What should you do?

A.Configure the wireless network to use WPA2, PEAP, and MSCHAP v2

B.Configure the wireless network to use WPA2, 802.1X authentication and EAP-TLS

C.Configure the wireless network to use WEP, 802.1X authentication, PEAP, and MSCHAP v2

D.Configure the wireless network to use WPA, PEAP, and MSCHAP v2 and also require strong user passwords.

Correct Answer: B

QUESTION 355

Your company has users who connect remotely to the main office though a Windows Server 2008 VPN server. You need to ensure that users cannot access the VPN server remotely from 22:00 to 05:00. What should you do?

A.Create a network policy for VPN connections. Modify the Day and time restrictions.

B.Create a network policy for VPN connections. Apply an ip filter to deny access to the corporate network.

C.Modify the Logon hours for all users objects to specify only the VPN server on the computer restrictions option.

D.Modify the Logon hours for the default domain policy to enable the Force logoff when logon hours expire option.

Correct Answer: A

QUESTION 356

You have a server that runs Windows Server 2008. You need to configure the server as a VPN server. What should you install on the server?

A.Windows Deployment Serivces role and Deployment Server role service

B.Windows Deployment Services role and Deployment Transport Role Service

C.Network Policy and Access Services role and Routing and Remote Access Services role service.

Your company has an Active Directory domain named ad.contoso.com. The company also has a public namespace named contoso.com. You need to ensure that public DNS zone records cannot be copied. You must achieve this goal without impacting the functionality of public DNS name resolutions. What should you do?

A.Disable the notify feature for the contoso.com zone.

B.Disable the Allow-Read permission for the Everyone group on the contoso.com DNS domain.

C.Configure the All domain controllers in the domain zone replication option on ad.contoso.com.

D.Configure the Allow zone transfers only to servers listed on the Name Servers option on contoso.com

Correct Answer: D

QUESTION 358

Your company has a DNS server named Server1. Your partner company has a DNS server named Server2. You create a stub zone on Server1. The master for the stub zone is Server2. Server2 fails. You discover that users are not able to resolve names for the partner company. You need to ensure that users are able to resolve names for the partner company in the event that Server2 fails. What should you do?

A.Change the stub zone to a secondary zone on Server1.

B.Open the SOA record for the zone on Server2. Change the Minimum (default) TTL setting to 12 hours.

C.Open the DNS zone for the partner company on Server2. Create a new Route Through (RT) record and a new host (A) record for Server1.

D.Open the primary DNS zone on Server2. Create a new Service Locator (SRV) record and a new host (A) record for Server1.

Correct Answer: A

QUESTION 359

Your company has a single Active Directory forest that has an Active Directory domain named na.contoso.com. A member server named Server2 runs the DNS server role. The Server2 DNS service hosts multiple secondary zones including na.contoso.com. You need to reconfigure Server2 as a caching-only DNS server. What should you do?

A.Uninstall and reinstall the DNS service on Server2

B.Change all the DNS zones on Server2 to stub zones

C.Disable and then enable the DNS service on Server2

D.Delete the na.contoso.com DNS zone domain from Server2. Restart the DNS service on Server2.

Correct Answer: A

QUESTION 360

Your company has an Active Direcotry forest that has five domains. All DNS servers are domain controllers. You need to ensure that users from all domains are able to access a Web server named App1 by browsing http://App1. What should you do?

A.Configure and enable DFS-R on the Appl1 Web Server.

B.Create a host (AAAA) record for the App1 Web server in the DNS zone for the forest root domain.

C.Create a zone named GlobalNames on a DNS server. Replicate the GlobalNames zone to all domain controllers in the forest. Create a host (A) record for the App1 Web server in the zone.

D.Create a zone named LegacyWINS on a DNS server. Replicated the LegacyWINS zone to all domain controlelrs in the forest. Create a host (A) record for the Appl1 Web server in the zone.